Customer Driven BC/DR - Changing the Rules of the Game

It used to be the only companies that needed real Business Continuity/Disaster Recovery (BC/DR) programs were those that were regulated or heavily IT-dependent. If you weren't in that group, you could bet against a disaster occurring and get away with not having tested or updated your plan, and in most cases there wouldn't be consequences.

But today’s complex supply chains are creating real, near-term risk for nearly any business that doesn't have a working, tested BC/DR program in place. Both your prospects and your existing customers are now very interested in how your ability to recover from a disaster will impact their ability to supply their customers.

This new requirement may pop up as your sales team pursues a new logo, or it may be a surprise from a long term existing client. But suddenly one of the things that has been on the “we’ll get to it” list becomes a top priority for the sales team.

It may be a pesky competitor who has invested in a program driving the criteria, a regulated customer or a risk manager who recognizes the implications of your place in their supply chain, but one thing is for sure: if you’re working with the old plan in the three ring binder on the shelf that has been tested once (at most), that’s not going to cut it.

If you need a working, testable BC/DR program, here are some of the steps you’ll need to go through:

Determining the business value of your IT services/applications

Defining the recovery objectives for your suite of applications and supporting data (RTO/RPO)

Mapping application dependencies to hardware and across other applications

Understanding the current state of IT resiliency – what could go wrong, what controls do we have in place, and how effective are they?

Working with the business to set realistic continuity goals and necessary investment levels